TheSaffaGeek

My ramblings about all things technical

Category Archives: Virtualisation


by Leave a comment

vSphere 5.1 Announced with Site Recovery Manager 5.1

With the announcement of vSphere 5.1 is also the announcement of Site Recovery Manager 5.1. Below are some of the new features and enhancements coming with SRM 5.1

Application Quiescence for vSphere Replication

The new VR has improved VSS integration and doesn’t merely request OS quiescence, but flushes app/db writers if present.

This is due to better handling of VSS through the VMware Tools present in vSphere 5.1 and requires no work to configure – merely select the quiescing method and VR will handle it.

If VR is asked to use VSS, it will synchronize its creation of the lightweight delta with the request to flush writers and quiesce the application and operating system. This ensures full app consistency for backups.

vSphere Replication is presented the quiescent and consistent volume produced by the OSS flushing the VSS writers, and that consistent volume is used to create the LWD for replication.

If for some reason the VSS can not quiesce correctly or flush the writers, VR will continue irrespective of the failure and create an OS consistent LWD bundle at the VM level, and generate a warning that VSS consistency was not able to be created.

All Paths Down Improvements

The way vSphere 5 handles hosts with devices in an “All Paths Down” state has been improved to ensure that the host does not get stuck in a loop attempting I/O on unavailable devices.

APD states often occur during disaster scenarios, and as such it becomes important for SRM that the platform not cause delay for recovery.

SRM now checks for a datastore’s accessibility flag before deciding whether or not to attempt to use that datastore. A datastore may become inaccessible because of various reasons, one of which is APD.

The changes in how vSphere handles these devices enables SRM to differentiate APD from other types of inaccessible states such as and Permanent Device Loss (PDL).

If SRM sees a datastore in an APD condition, it will stop immediately and try again later, since APD conditions are supposed to be transient, rather than time out trying to access a missing device.

SRM also has been improved to use a new unmount command to gracefully remove datastores from the primary protected site during the execution of a recovery plan. Since SRM needs to break replication and unmount the datastore from the protected environment the new method allows for a graceful dismount and generation of an APD situation rather than an abrupt removal of the datastore.

During a disaster recovery, however, in some cases hosts are inaccessible via network to gracefully unmount datastores, and in the past the isolated hosts could panic if their storage was removed abruptly by SRM.

With vSphere 5.1 there are new improvements to the hosts and storage stacks that allow them to remain operative even through an unplanned APD state.

Forced Failover

Forced failover was introduced in SRM 5.0.1 for recovery plans using array based replication protection groups. With SRM 5.1 forced failover is now fully supported for all protection group types.

In some cases SRM will be unable to handle storage failure scenarios at the protection site. Perhaps the devices have entered an APD or PDL state, or perhaps storage controllers are unavailable, or for many other reasons. Perhaps the original SAN is reduced to a puddle of molten slag.

In these cases, SRM can enter a state where it waits for responses from the storage for an untenable amount of time. For instance, timeouts have been seen to last as long as 8 hours while waiting for responses from ‘misbehaving’ storage at the protected site.

Forced failover handles these scenarios. If storage is in a known inconsistent state, a user may choose to run a recovery plan failover in “forced failover” mode. Alternately, if a recovery plan is failing and timing out due to unresponsive protected site storage, the administrator could cancel the running recovery plan and launch it again in forced failover mode.

Forced failover will run *only* recovery-side operations of the recovery plan. It will not attempt any protected site operations such as storage unmounts or VM shutdowns. During a forced failover execution of a recovery plan any responses generated by the protected site are completely ignored.

Array-based replication forced failover worked with SRM 5.0.1, and after extensive testing has now been introduced to work with vSphere Replication as well.

Failback supported with both Array and vSphere Replication

SRM 5.1 now includes vSphere Replication in the “automated failback” workflow!

With SRM 5 VMware introduced the “Reprotect” and failback workflows that allowed storage replication to be automatically reversed, protection of VMs to be automatically configured from the “failed over” site back to the “primary site” and thereby allowing a failover to be run that moved the environment back to the original site.

Taken together as “automated failback” this feature was well received by those using array-based replication, but was unavailable for use with vSphere Replication.

With SRM 5.1 users can now do automated reprotects and run failback workflows for recovery plans with any type of protection group, both VR and ABR inclusive.

After running a *planned failover only*, the SRM user can now reprotect back to the primary environment:

Planned failover shuts down production VMs at the protected site cleanly, and disables their use via GUI. This ensures the VM is a static object and not powered on or running, which is why we have the requirement for planned migration to fully automate the process.

The “Reprotect” button when used with VR will now issue a request to the VR Appliance (VRMS in SRM 5.0 terminology) to configure replication in opposite direction.

When this takes place, VR will reuse the same settings that were configured for initial replication from the primary site (RPO, which directory, quiescence values, etc.) and will use the old production VMDK as seed target automatically.

VR now begins to replicate replicate back to the primary disk file originally used as the production VM before failover.

If things have gone wrong at the primary site and an automatic reprotect is not possible due to missing or bad data at the original site, VR can be manually configured, and when the “Reprotect” is issued SRM will automatically use the manually configured VR settings to update the protection group.

Once the reprotect is complete a failback is simply the process of running the recovery plan that was used to failover initially.

vSphere Essentials Plus Support

SRM 5.1 is now supported with vSphere Essentials Plus, enabling smaller companies to move towards reliable disaster recovery protection for their sites.

•vCenter version 5.1 is the only version that will work with SRM 5.1. Lower versions of vSphere/VI are supported, but vCenter must be up to date.

•At time of shipping, only vSphere 4.x and 5.x are supported.

•ONLY ESXi 5.0 and 5.1 will work for vSphere Replication as the VR Agent is a component of the ESXi 5.x hypervisor.

•While both Storage DRS and sVmotion are not supported with SRM 5.1, they will work in some scenarios even though unsupported.

•While Storage vMotion with array-replicated protected VMs can be done by an administrator, they must then ensure that the target datastore is replicated and that the virtual machine is once again configured for protection. Because this is a very manual process it is not officially supported.

•Storage DRS compounds this problem by automating storage vmotion, and thereby will cause the VMDK of the protected virtual machines to migrate to potentially un-protected storage. Because of this it is unsupported with SRM 5

•Storage vMotion and Storage DRS are not supported at all with SRM 5 using vSphere Replication as migration of a VMDK will cause the migrated VM to reconfigure itself for protection, potentially putting it in violation of its recovery point objective.

 


by 2 Comments

vSphere 5.1 Announced with Distributed Switch Enhancements

With the release of vSphere 5.1, VMware brings a number of powerful new features and enhancements to the networking capabilities in the vSphere platform. These new features enable customers to manage their virtual switch infrastructure with greater efficiency and confidence. The new capabilities can be categorized into three main areas: operational improvements, monitoring and troubleshooting enhancements, and improved scalability and extensibility of the VMware vSphere Distributed Switch (VDS) platform. Following are some of the key features:

1)Network Health Check support – helps detect mis configurations across physical and virtual switches

2)Configuration Backup Restore – Allows vSphere admins to store the VDS configuration as well as recover the network from the old configurations

3)Rollback and recovery – Addresses the challenges that customer faced when management network failure caused the Hosts to disconnect from the vCenter Server

4)Port Mirroring enhancements – New troubleshooting capabilities are introduced by supporting RSPAN and ERSPAN

5)Netdump – Provides the ESXI hosts without disk (stateless/Autodeploy) the ability to core dump over network

6)Improved Scaling numbers

Network Health Check

Network Health check prevents the common configuration error such as Mismatched VLAN, MTU and teaming configuration.

This tool is very helpful in an organization where the network administrators and vSphere administrators respectively take the management ownership of physical network switches and vSphere hosts. In such organizations vSphere admins can provide the network related warnings to the network admins and help identify issues quickly.

Configuration Backup and Restore

VDS configuration is managed through vCenter Server and all the virtual network configuration details are stored in the vCenter database. Previously, In case of database corruption or database loss events, customers were not able to recover their network configurations and had to rebuild the virtual networking configuration from scratch. Also, there was no easy way to replicate the virtual network configuration in another environment or go back to the last working configuration after any accidental changes to virtual networking settings.

All of the above concerns are addressed through the VDS configuration backup and restore feature.

Backup a VDS Configuration

image

Restore a Port Group Configuration

image

Rollback and Recovery

The management network is configured on every host and is used to communicate with vCenter Server as well as to interact with other host during vSphere HA configuration. This is critical when it comes to centrally managing hosts through vCenter Server. If the management network on the host goes down or there is a misconfiguration, vCenter Server can’t connect to the host and thus can’t centrally manage resources.

If there is any issue with management network the Hosts can’t reach the vCenter server. And thus vCenter server can’t make any changes to the network and push to the hosts.

In such situation, The only way for the customer to recover is to go to individual hosts and build a standard switch with proper management network configuration. Once all the hosts have their management networks attached to a standard switch, vCenter Server can manage the hosts and re-configure the VDS.

With Rollback and recovery option customers don’t have to worry about going to standard switch route to recover from any mgmt. network failure scenario.

The Automatic Rollback and Recovery feature addresses all the concerns that customers have regarding the use of management network on a VDS. First, the automatic rollback feature automatically detects any configuration changes on the management network and if the host can’t reach the vCenter Server, it doesn’t allow the changes to take effect. Second, customers also have an option to reconfigure the management network of the VDS per host through DCUI. Customers have to connect to each host and through DCUI can change the management network parameters of the VDS

LACP

Link Aggregation Control Protocol (LACP) is a standard based link aggregation method to control the bundling of several physical network links together to form a logical channel for increased bandwidth and redundancy purposes. LACP allows a network device to negotiate an automatic bundling of links by sending LACP packets to the peer. As part of the vSphere 5.1 release, VMware now supports this standard based link aggregation protocol.

Single Root IO Virtualization is a standard that allows one PCI express (PCIe) adapter to be presented as multiple separate logical devices to the VMs. The hypervisor manages the physical function (PF) while the virtual functions (VFs) are exposed to the VMs. In the hypervisor SR-IOV capable network devices offer the benefits of direct I/O, which includes reduced latency and reduced host CPU utilization. VMware vSphere ESXi platform’s VM Direct Path (pass through) functionality provides similar benefits to the customer, but requires a physical adapter per VM. In SR-IOV the pass through functionality can be provided from a single adapter to multiple VMs through VFs.

SR-IOV

Single Root IO Virtualization is a standard that allows one PCI express (PCIe) adapter to be presented as multiple separate logical devices to the VMs. The hypervisor manages the physical function (PF) while the virtual functions (VFs) are exposed to the VMs. In the hypervisor SR-IOV capable network devices offer the benefits of direct I/O, which includes reduced latency and reduced host CPU utilization. VMware vSphere ESXi platform’s VM Direct Path (pass through) functionality provides similar benefits to the customer, but requires a physical adapter per VM. In SR-IOV the pass through functionality can be provided from a single adapter to multiple VMs through VFs.

BPDU Filter

BPDUs are data messages or packets that are exchanged across switches to detect loops in a network. These packets are part of the Spanning Tree Protocol (STP) and are used to discover the network topology. The VMware virtual switches (VDS and VSS) do not support STP and thus do not participate in BPDU exchange across external physical access switches over the uplinks.

The BPDU filter feature available in this release allows customer to filter the BPDU packets that are generated by virtual machines and thus prevents any Denial of Service attack situation. This feature is available on VMware vSphere Standard and Distributed switches, and can be enabled by changing the advanced “Net” settings on ESXi host.

Port Mirroring and NetFlow Enhancements

To address the network administrator’s need for visibility into virtual infrastructure traffic, VMware introduced port mirroring and NetFlow features as part of the vSphere 5.0 release. These features provide necessary and familiar tools to network administrators that help them in monitoring and troubleshooting tasks. In vSphere 5.1, the port-mirroring feature is enhanced through the additional support for RSPAN and ERSPAN capability.

IPFIX or NetFlow version 10 is the advanced and flexible protocol that allows customer to define the NetFlow records that can be collected at the VDS and sent across to a collector tool. Following are some key attributes of the protocol:

Customers can use templates to define the records

Template descriptions are communicated by the VDS to the Collector engine

Can report IPv6, MPLS, VXLAN flows.

VDS Management Plane Scalability

Following are the scalability numbers for VDS management plane

  • Static dvPortgroups goes up from 5 K to 10 K
  • Number of dvports goes up from 20 K to 60 K
  • Number of Hosts per VDS goes up from 350 to 500
  • Number of VDS supported on a VC goes up from 32 to 128

Netdump

Netdump is a vSphere ESXi platform debug feature that helps dump the vmkernels core dump to a server on the network. In this release of vSphere 5.1 the netdump support is extended to the ESXi host without local disks or also termed as stateless ESXi or Auto deploy environments.

In vSphere 5.0, enabling netdump on an ESXi host with the management network configured on a VDS was not allowed. In vSphere 5.1, this limitation has been removed. Users now can configure netdump on ESXi hosts using management network on VDS.


by 1 Comment

vSphere 5.1 Announced with Enhanced vSphere Web Client

Another of the new features of vSphere 5.1 is the Enhanced vSphere Web Client. The web Client was already part of vSphere 5 but now it is the Primary client for administrators in vSphere 5.1. Some facts

Enhanced vSphere Web Client:

The NEW virtual infrastructure client

  • Primary client for vSphere administrators in vSphere 5.1
  • Matched functionality to legacy vSphere Client
  • Additional vCenter 5.1 functionality, only available through the vSphere Web Client

Browser based

  • Internet Explorer / FireFox / Chrome fully supported (Rumours are Chrome is the fastest)
  • others (Safari, etc.) are possible (But without VM console access)

vSphere Web Client – Installation

Installer located on ISO image

Install on vCenter Server or separate server (recommended)

Login using

  • https://<FQDN or IP Address>:9443/vsphere-client/
  • Install Client Integration Plugin for console access

image

  • vSphere Web Client included with vCenter Server Appliance

vSphere Web Client – Object Navigator

Breaks the traditional hierarchy view of an object

  • Objects linked and displayed by relationships

image

Conventional top level hierarchy view maintained on HOME screen and links to object navigator

  • Allows an admin to view objects by solutions
  • But maintains global perspectives

image

  • Allows an admin to jump to the crucial element faster via object relationships and object search
  • Reduces client clutter and repetitive information by simplifying display of objects
  • Displayed objects are all that is communicated between server and browser

image

vSphere Web Client Interface

The new interface has the look and feel of vCloud Director but with loads of new features and goes to the same layout that vCenter Operations Manager for example has already.

image

vSphere Web Client – Plugin’s

Plugins are now server based

•Recreated in FLEX

•HTML Plugins (temporary work around)

VMware Plugins (90 Days post GA)

•vSphere Update Manager (VUM)

•vCenter Site Recovery Manager (SRM)

•vShield Manager

All VMware Solutions will integrate as they get updated

Third Party Plugins

•EMC, NetApp, HP, Dell etc

Centralised Log Browser

Proven framework to provide rich troubleshooting tools

vSphere Web Client plugin

Takes snapshot of specified host / vCenter logs

Provides rich user interface to review log data

  • search
  • filter by name / event / keyword
  • compare multiple logs
  • highlight key words

image

Simplifies Troubleshooting

The new vSphere Web Client looks to be a great replacement for the viclient and with SRM and other tools tipped to integrate it should provide every vSphere administrator an easier way to manage and administer their environments and give them all the stats and tools needed.

There are going to be a whole bunch of web based tutorial’s for people to learn how to use the new vSphere Web Client on

http://blogs.vmware.com/vsphere/vcenter-server/

I’m really looking forward to learning how it all works and being able to integrate all the new and existing plugins into it.

Gregg

Note: Screenshots thanks to VMware.


by Leave a comment

VCDX Spotlight: Michael Webster

Name: Michael Webster

Twitter Handle: @vcdxnz001

Blog URL: https://longwhiteclouds.com

Current Employer : I own IT Solutions 2000 Ltd

VCDX #: 66

 

How did you get into using VMware?

In 1998 I started with the first early versions of VMware workstation on Linux while I was working at a large ISP. This allowed me some great options for supporting customers on multiple OS’s without having multiple machines. I started using ESX in 2002, and even with the very early versions could see the potential.

 

 

What made you decide to do the VCDX?

I wanted to achieve VCDX as a competitive differentiator from other consultants and consulting businesses and I wanted to prove to myself that I could be one of the best in the world at what I do. I also wanted to prove to VMware that I was a serious partner.

 

 

How long did it take you to complete the whole VCDX journey?

At least 10 years, if you include the work experience that leads up to it. I think the previous work experience I had was one of the factors that helped me be successful the first time through. If you’re just interested in the certificate path it took about 12 months in total from the time I passed VCP4, VCAP4-DCD, VCAP4-DCA and VCDX defence. Most of the time was spent waiting for the exams to become available.

 

 

What advice would you give to people thinking of pursuing the VCDX accreditation?

Read the blueprints and application documents very carefully and do exactly what they say. Re-read them multiple times and make sure you cover everything. Make sure you know your design inside and out like the back of your hand. Be prepared to answer any questions on any aspect of it. Make sure you know where you made mistakes and can point them out and make sure you know where you deviated from best practices and why. Read all of the blog posts from the other VCDX’s about their journey and the tips that they give. Everything you need to know to be successful in VCDX is already publically available if you’re ready. Be prepared to invest hundreds of hours and a significant amount of money (yours or your companies). Do a mock defence with people that can ask pointed questions as a customer would so you have to explain and justify everything. Make sure you are comfortable presenting and can think and design and troubleshoot on your feet.

 

If you could do the whole VCDX journey again what would you do differently?

I don’t think I’d change anything.

Life after the VCDX?  How did your company respond?  Was it worth it?

 

Regardless of how my company and customers responded the process was definitely worth it. I loved the process and I learned a lot from it. Even if I wasn’t successful at the defence it would still have been worth it, just for the learning experience alone.

It has opened a lot more doors since I achieved VCDX and I have had the opportunity to work on a few more exciting projects that I may not have had otherwise. Some customers are specifying a requirement for VCDX in their RFP’s. So being one of such a small group really is worth it.

I get the opportunity to contact and work with quite a few other VCDX’s and this is very valuable, as everyone has different experience and there is always opportunities to learn more.

One thing that I constantly have running through my mind is “With great power comes great responsibility.” I think with having achieved VCDX people pay a lot more attention to what I say and do and I have to be a good role model. The number of followers and connections I have has certainly increased a lot. So there can be a lot greater consequences for what I say in public and I try to be mindful of that. But it’s not going to stop me speaking my mind. But I do consider the impact a lot more before I take a position on something.

But everybody is human, even VCDX’s. We can’t know everything, but we do try and know what we don’t know, and if we don’t know something say so. Integrity is of the utmost importance.

This is always nice also:

IMG_3437


by 3 Comments

SQLXML 4.0 SP1 10.0.1600.60 for VMware vCenter Configuration Manager

A very quick posting to maybe save someone some time while trying to get this component installed and for vCenter Configuration Manager’s system checks to verify it.

One of the components required for the installation of the collector and web server for VCM is SQLXML SP1. The installation documentation from VMware states the below in relation to the requirement:

Verify the SQLXML Version
Verify that SQLXML 4.0 SP1 is installed. Version 4.0 SP1 is installed with SQL Server 2008 R2.
Procedure

  1. Click Start and click Control Panel.
  2. Click Programs and select Programs and Features.
  3. Verify that SQLXML 4.0 SP1 appears in the list of installed programs.
  4. Verify that the version is 10.0.1600.60 or later.
  5. If the version is not SQLXML 4.0 SP1 10.0.1600.60 or later, or only an earlier version of SQLXML is installed, install SQLXML 4.0 SP1.

Firstly, I did not have it installed so searched for SQLXML SP1, downloaded, and installed it. I then checked the version and I had downloaded a newer version than the 10.0.1600.60 version mentioned in the installation documentation but as shown above they said that would be fine. As you can see below my version of SQLXML SP1 was 10.1.2532.0

clip_image001

My problems came about when i ran the installation and the checker would run through but fail giving me an error for SQLXML SP1 even though I had it installed. It seems despite the documentation saying versions newer than 10.0.1600.60 work it seems the checker doesn’t like it and won’t allow you to carry on. Therefore, I had to download the 10.0.1600.60 version and then the checker passed clip_image002

clip_image003

The path to the “correct” version is http://www.microsoft.com/en-us/download/details.aspx?id=8824. Obviously, you have to download the instructions and then do the installation from there. SQLXML is near the bottom of the page.

Gregg


by Leave a comment

VCDX Spotlight: Chris Colotti

Name: Chris Colotti

Twitter Handle: @CColotti

Blog URL: http://www.chriscolotti.us

Current Employer: VMware, Inc.

VCDX #: 37

How did you get into using VMware?

This is actually a long story, but I will try to keep it brief. Back in late 2003, I began playing with ESX 1.5 in a home lab for my own personal education. At the time I was a business analyst working for the office of the Executive Vice President at PC Connection in NH, helping create a new custom application for the sales team. However, I really wanted to work in the IT department. I started to learn as much about VMware and virtualization as I could as part of the project. Once the project needed to move into implementation I saw my opening to pitch the use of VMware. I also knew that nobody in IT at the time even heard or it, so I ended up being the VMware expert and was moved into IT to run the implementation of the systems. I deployed PC Connection’s first groups of clusters on IBM hardware and storage with good success. At the time we were one of very few companies using VMware 2.x in Production at the time and we were a great story for IBM and VMware.

What made you decide to do the VCDX?

I’d like to say it was for career advancement, or recognition, but really the main reason was personal growth. As a VMware PSO employee at the time it was harder to find the time and the support from some managers back then to take the tests, let alone the defence. Like many things I do in my life, I do them just to see if I can and to help myself grow to a new personal level. It’s a challenge to myself to learn new things and VCDX was one I wanted to see if I could get. I simply wanted to be one of the first people in VMware PSO to achieve the certification and my mission was accomplished.

How long did it take you to complete the whole VCDX journey?

This for me took almost 2 years. I started the process by taking the original tests once they were released. Getting support from managers as a PSO person on delivery engagements was always a challenge, but there was also delays in the early stages of the tests and defences. Once I passed the tests, there were not many defences available to get into at first. I think I recall there only being ones at PEX and VMworld at that time. If memory serves there was not any outside of corporate events like the big two. I also think the limited spots were being given to VMware employees at fist in order to get the word out on the program for non VMware people. Travel budgets and other restrictions got lifted and finally made it possible at Partner Exchange in Las Vegas.

What advice would you give to people thinking of pursuing the VCDX accreditation?

I think the best advice I can give is like any challenge, do it for you. Not for you’re company, your boss, the hope of a raise, or jumping ship with a shiny new certification to get you a new job. If you go into it with goals that are not for personal growth, it’s not going to be fun or rewarding. You should WANT to get your VCDX, you should not feel like you HAVE to get it. The other things may or may not come, but nothing is ever guaranteed except personal satisfaction. Prepare for the defence properly. It’s a conversation between you and the panel. It’s not a grilling session of you by them, or a 90 minute PowerPoint by you. Have fun with it and I say these days, enjoy the journey. I think the best part for me was the defence itself, and that is where most people freak out. I actually had fun talking about the solution and admitting where things were not really great in the design. Those areas gave me talking points for the panel. No design is perfect, you should admit where you made mistakes, and why they may have been bad decisions. Lastly, too many people worry about the names of the panellists and who they will get. Don’t worry about it, frankly it does not matter who you get on your panel.

If you could do the whole VCDX journey again what would you do differently?

 I’m not sure really. I passed the defence on the first attempt, so I really have nothing to look back on and change. Personally the written exams are tough for me. If I could change anything it would be to study for those more. Even today I have trouble with the exams to maintain my upgrade status. I cannot even say I’d want a different group of panel members as a joke. I liked having both Frank and Duncan in the room for my defence. We have all three been friends really ever since and found mutually newfound respect for one another. My journey led to many projects with both of them. I can’t say I’d personally change anything, I’d do it the same a second time around.

Life after the VCDX?  How did your company respond?  Was it worth it?

Trick question since I work for VMware. At the time it was so new and not well known so there was not much response to be honest. I think now as people pass it there is more visibility to it, so there may be more recognition internally. For me being #37 and the fact it was so new made it hard for people to understand what it meant. Life is the same as it was before for the most part. I’d say it was worth it for my personal growth like anything else I do, but for me it has not change anything in what I do or how I do it. Back then I wish it had more recognition, but as they say, it is what it is.


by 4 Comments

Deploying an Isolated Update Manager Download Service Architecture

During a recent customer engagement for a Virtual Infrastructure build out I was tasked with deploying an Isolated/Air Gap Update Manager Download Service architecture. If you do not know what an isolated Update Manager Download Service is then read this article first before carrying on. I came across a few hurdles during this deployment and so i waned to create a quick reference of what I followed for my future reference and to hopefully help anyone who gets the problems I was getting during the setup

  1. For this setup, I got a service account created that would be used for the installation of VUM and the UMDS.
  2. For my setup I setup VUM and UMDs on their own dedicated servers as you obviously have to do as the UMDS has to be in the DMZ.
  3. For the installation of UMDS I followed the following steps from the vSphere 5 Documentation Center.
  4. Next I installed VUM following the steps detailed from this vSphere 5 Documentation Center article.
    1. Note: The first hurdle I hit in this installation was that the SQL Client for SQL 2012 doesn’t work for the ODBC connections so I had to install the SQL 2008 Client from here for it to show the ODBC configuration when I went through each of the installations.
  5. Next was the configuration of UMDS and I followed this vSphere 5 Documentation Center article.
  6. Next was the creation of the IIS server for the UMDS so that VUM can contact and download the patches. I followed this vSphere 5 Documentation Center article.
  7. Next was the exporting of the downloaded patches to the UMDS folder under the IIS website (for mine I did a virtual directory to a folder on my data drive so that the c drive was not filled up with patches.)
    1. Note: For the exporting, I kept getting an error as detailed in this VMware Communities discussion I created. As detailed in the discussion the problem was I had to set the folder location as my default export store by running vmware-umds -S –default-export-store <your path to the UMDS folder>.
    2. Then you can export the patches to the folder location by running: vmware-umds –E <your path to the UMDS folder>.
  8. Now you can go into your vCenter and setup the UMDS as your shared repository location by pointing to the IIS website you created for the UMDS folder

clip_image001

    1. Note: For the downloading of the patches I kept getting a failure where the downloading patches task would get stuck at 50% for a few minutes and then fail stating “Cannot download patch definitions” as shown below.

clip_image002

2. The problem here was that the service account running the VUM service on the VUM server did not have full permissions to the folder. After reapplying the patches the downloading of the patches worked clip_image003

After going through all of the above steps, my air gap Update Manager Download Service was now setup clip_image004[1]

I hope that this saves someone the headaches I had along the way

Gregg


by Leave a comment

VCDX Spotlight: Brian Smith

Name: Brian Smith

Twitter Handle: @bsmith9999

Blog URL: bsmith9999.com

Current Employer: VMware

VCDX #: 91

How did you get into using VMware?

I started using workstation in 2001, but the real work began in 2006 with GSX (now called VMware Server) and ESX. We had a lab full of software development and testing servers, out of Power, Space, & Cooling. We needed consolidation and test automation that included full OS re-installs multiple times daily, virtualization was the only solution. At the time I worked for a Microsoft gold partner we were pressured to use their solutions, but they were weak. VMware’s platform was/is robust and solid, we made the obvious decision. A year later we added Lab Manager to assist with the automation, now we use vCloud Director for the same functionality.

What made you decide to do the VCDX?

I have spent a lot of time creating and implementing vSphere designs the past 7 years, this certification seemed like a worthy challenge. I began blogging about my IT experiences in 2008. I created a couple of popular posts, one of them about VMware Lab Manager best practices that gained a lot of traction in the community. I hoped VCDX certification would add to my credibility.

How long did it take you to complete the whole VCDX journey?

I have had a current VCP since 2008. I really started considering VCDX and passed my VCAP4 exams in Sept & October of 2011. I then passed on my first paper/defence attempt in May of 2012 gaining VCDX4 certification. After passing the VCAP5-DCD exam I now have VCDX5 certification as well.

What advice would you give to people thinking of pursuing the VCDX accreditation?

It’s a very positive life changing experience, it will vault you into an impressive peer group that I doubt I will ever feel worthy of. Be sure to allocate plenty of time for preparation, know your design and be ready to explain why you made every decision you did and why you didn’t make the other choices.

If you could do the whole VCDX journey again what would you do differently?

One thing I never read anywhere else is not only that you should do practice defence of your paper, but also do some mock design problems. I posted some thoughts about the defence before I got my results http://bsmith9999.blogspot.com/2012/05/vcdx-thoughts.html

Life after the VCDX?  How did your company respond?  Was it worth it?

I have already been given more opportunities to work on bigger and more visible projects. I now enter any situation with more confidence and my ideas are worth a lot more than just another suggestion in the room. Meeting other VCDX candidates was a great experience; I have a few new friends and a lot of new career networking options. It was definitely worth it. The only change I would make is to have pursued it earlier.


by 3 Comments

iSCSI by default on IBM HS22 Blades

On a recent client engagement fellow Xtravirt colleague Darren Woollard and I were awaiting the build out of the IBM HS22 blades the client had procured for our usage as ESXi5 hosts. IBM services came in to complete the configuration of these servers which was stated to only take a mornings worth of work. Unfortunately due to a very strange default setting that the HS22 blades seem to come with it took us almost four days and the below work around to fix the “problem”.

Our problem was that the second NIC on all the blades was set to iSCSI by default so if we looked in the BIOS the NIC wasn’t presented due to this configuration. The only way we found we could get it back to a normal NIC for usage in ESXi was to do the following:

  1. Boot the server into a Microsoft OS (This was a fun part for us as all our hosts were stateless in readiness for Auto Deploy so we had to “steal” a drive from another server)
  2. Download the OneCommand Software from the IBM website
  3. With the OneCommand software installed ,Select the OCManager program from the MS Windows Start Menu.

clip_image001

4. The application will launch and enumerate the adapters; this typically takes 30 seconds to populate the left hand pane.

clip_image002[4]

5. The populated pane should resemble the screenshot below.

clip_image003

6. Highlight the OCm adapter. The Personality section will reveal the NICs are to set to iSCSI.

7. Click the NIC-only radio option.

clip_image004[4]

8. Click Apply.

9. Reboot the Blade.

10. That’s the “re-configuration” complete for this blade, now to repeat the above steps across all your remaining blades Smile .

I’m sure there must be a simpler way of fixing it but we spoke to a few IBM services people and the only way to fix it seems to be this which we find very hard to believe.

Gregg


by Leave a comment

VCDX Spotlight: Scott Lowe

Name: Scott Lowe

Twitter Handle: @scott_lowe

Blog URL: http://blog.scottlowe.org

Current Employer: EMC Corporation

VCDX #: 39

 

How did you get into using VMware?

I first started using VMware in the 2003-2004 timeframe, beginning with VMware GSX Server. I loved the idea of running multiple OS instances on a physical server in order to provide more fine-grained resource utilization and workload isolation. It wasn’t long before I transitioned to VMware ESX just after the release of ESX 2.5, and I achieved my first VCP on ESX 2.5. (I guess that makes me a VCP2/3/4/5.) Moving to ESX Server was, for me, fabulous; the ability to migrate virtual machines between physical systems (what we call vMotion) was revolutionary. It’s kind of funny now how we almost take it for granted. At the same time, I was also exploring the use of VMware on the desktop, using VMware Workstation and—immediately upon its very earliest “Friends and Family” release at VMworld 2006—I switched to VMware Fusion on a MacBook Pro.

What made you decide to do the VCDX?

When the VCDX was first announced, I immediately decided to go for it. For years, I had considered pursuing CCIE, but not being a full-time networking specialist that was (and still is) very difficult. Here, though, was a CCIE-type achievement targeted at virtualization, something I was doing all day every day. For me, it was a no-brainer. I simply had to do it.

How long did it take you to complete the whole VCDX journey?

I completed the Enterprise Administration exam (now referred to as VCAP-DCA) in March of 2009, and was anticipating taking the Design Exam almost immediately afterward. For whatever reason, though, I was unable to get into the Design exam beta. Those that did get into the beta were eligible to participate in the first VCDX defences at VMworld 2009. I had to wait until early November of 2009 to take and pass the Design Exam (now known as VCAP-DCD). I submitted my defence design in late December 2009, and defended at VMware Partner Exchange (PEX) 2010 in Las Vegas. The rest, as the saying goes, is history.

What advice would you give to people thinking of pursuing the VCDX accreditation?

Go for it! Among the other things that pursuing VCDX taught me, one of them was that pursuing a goal such as VCDX is a worthwhile endeavour. If you’re already working with VMware virtualization every day, why would you not pursue it? Having a goal like VCDX helps shape your learning, helps drive you to a deeper understanding of the technologies and concepts, and sharpens your ability to tie that technical knowledge back to the business. All of those things, in my mind, are beneficial apart from the certification. As for tips or tricks, I can only say that you need to go both deep and wide. You need to be deeply proficient in the products, but you also need to be able to take a wide view of how all the products and technologies fit together and relate to each other.

If you could do the whole VCDX journey again what would you do differently?

That’s a tough question. Life was really crazy at that time—I was in the midst of writing Mastering VMware vSphere 4 (which was released at VMworld 2009) and VMware vSphere 4 Administration Instant Reference. I was doing that while studying for ESX 3.x exams (the Enterprise Administration and Design exams were, at that time, still based on VI3). That was a challenge for me. I think if I had it to do over again, I probably would have focused more on the certification instead of having several major projects going on at the same time. Of course, life doesn’t always give you that luxury!

Life after the VCDX?  How did your company respond?  Was it worth it?

Was it worth it? Absolutely, but not necessarily in the way you might expect. For me, the value in VCDX was in the achievement of a personal goal, the achievement of excellence in a technology that I enjoyed using. I achieved VCDX shortly after joining EMC (I joined EMC in January 2010, and I achieved VCDX in February 2010), and EMC didn’t really respond differently to me afterward. That’s OK, though, because I wasn’t really doing it for any reason other than to satisfy my own drive for achievement.